Also, much of my job is to trim CSP down to only the useful bits and adopt these =)
8/ Best we can do is work on alternatives (I do) & help improve CSP in the meantime
-
-
9/ There are "easy" ways to do it that could also make those who dislike CSP happy
-
10/ E.g. opt-in switches to fix dangerous APIs, likely better nonces/hashes, etc.
-
11/ If we treat CSP as anathema then we won't objectively evaluate such features.
-
12/ And that'd be a shame for users who'd otherwise benefit from the changes. [fin]
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.